
You're reading from Microsoft Office 365 Administration Cookbook

Product type: Book
Published in: Sep 2020
Publisher: Packt
ISBN-13: 9781838551230
Edition: 1st Edition
Author: Nate Chamberlain

Nate Chamberlain is a technical content creator, solution architect, and trainer, recognized as a 5-year Microsoft MVP. With a background in business analysis and systems administration, Nate has authored seven books and manages his blog. He holds an array of certifications, including M365 Enterprise Administrator Expert and Microsoft Power Platform App Maker Associate, and is a frequent speaker at user groups and conferences.

Chapter 10: Configuring and Managing Users in Azure Active Directory (Azure AD)

Azure Active Directory (Azure AD or AAD) provides additional functionality and granularity when it comes to managing users, access restrictions, groups, and licensing. It is included by default at the heart of O365 identity and security. We will look at some of the more popular reasons why O365 administrators might find themselves in Azure AD.

This chapter includes the following recipes:

  • Bulk create users in AAD
  • Adding branding to the AAD sign-in page
  • Adding a privacy statement to the AAD sign-in page
  • Installing and connecting to AAD via PowerShell
  • Adding/removing users via PowerShell in AAD
  • Creating an access review report in Azure AD
  • Allowing/disallowing users from connecting LinkedIn to their account
  • Enabling a self-service password reset
  • Using SSO to simplify organization-wide sign-in processes

Technical requirements

This chapter will often require that you're a global administrator in your tenant although, in certain cases, a user administrator role will suffice. You'll also need to be able to run PowerShell and may need rights to install software on a machine in order to complete all the recipes.

Bulk create users in AAD

When adding multiple users to Azure AD, it is often more efficient to do so in batches. In this recipe, we'll bulk create users in Azure AD.

Getting ready

You should be a global or user administrator to complete this recipe.

How to do it…

  1. Go to https://aad.portal.azure.com/. Sign in if prompted.
  2. Click Users from the left-hand navigation menu.
  3. From Bulk activities, select Bulk create:

    Figure 10.1 – Bulk create option available from the Users blade of Azure Active Directory

  4. Click Download to download the CSV template to use for properly formatting the soon-to-be-imported users.
  5. Open the template and paste or complete rows for each user to be imported, filling in the following column values:

    --Name [displayName] Required

    --User name [userPrincipalName] Required

    --Initial password [passwordProfile] Required

    --Block sign in (Yes/No) [accountEnabled] Required

    --First name [givenName]

    --Last name [surname]

    --Job title [jobTitle...

Adding branding to the AAD sign-in page

Adding your own branding to the AAD sign-in page lets your users easily confirm that they're signing into the correct tenant by recognizing familiar graphics. It also gives your organization a more polished, professional appearance, not only to your own users, but also to your guest users signing into your tenant. In this recipe, we'll add branding elements to the AAD sign-in page.

Getting ready

You must be a global administrator to complete the steps in this recipe. You'll also need images ready that match the following specifications (with transparent backgrounds in most cases where appropriate):

  • Background: 1920 x 1080 px | <300 KB | PNG, JPG, or JPEG
  • Banner: 280 x 60 px | 10 KB | PNG, JPG, or JPEG
  • Square: 240 x 240 px | 50 KB | PNG (preferred), JPG, or JPEG
  • Square – Dark: 240 x 240 px | 50 KB | PNG (preferred), JPG, or JPEG

How to do it…

  1. Go to the Azure Active Directory...

Adding a privacy statement to the AAD sign-in page

When users view their O365 account (settings wheel > View account), there's a link for Security & privacy that they can click. There, they'll find a link to Organization Privacy Statement, which we'll configure in this recipe:

Figure 10.11 – Organization Privacy Statement link in a user's O365 account settings

Getting ready

You must be a global administrator to complete the steps in this recipe.

How to do it…

  1. Go to the Azure Active Directory Admin Center at https://aad.portal.azure.com.
  2. Select Azure Active Directory from the left navigation menu.
  3. Click Properties from under the Manage heading.
  4. Find the field for your Privacy statement URL and add it:

    Figure 10.12 – Privacy statement URL configuration field in AAD properties

  5. Click Save (at the top).

How it works…

In this recipe, you've updated your organization...

Installing and connecting to AAD via PowerShell

Azure AD can be managed easily using PowerShell cmdlets, in the same way as we've demonstrated with general O365 administration via PowerShell in Chapter 3, Administering Office 365 with PowerShell. Remember to run PowerShell as an administrator (right-click, and then choose Run as administrator) when running commands to ensure you'll be able to complete actions (assuming your credentials are also valid for the action you're attempting to perform). In this recipe, we'll install and connect to AAD via PowerShell to unlock many more administrative capabilities.

Getting ready

You must be a global administrator to complete the steps in this recipe.

If you haven't done so already (perhaps in Chapter 3, Administering Office 365 with PowerShell), download and install the Microsoft Online Services Sign-In Assistant at http://go.microsoft.com/fwlink/?LinkID=286152.

How to do it…

  1. Install either...

Adding/removing users via PowerShell in AAD

This recipe should get you thinking about how you could automate regular processes in your organization by using PowerShell as part of an automated job. While we'll manually add a user to Azure AD in this recipe, you could have the same PowerShell script run based on a trigger from your HR system, for example. For now, we'll start with the basics – running the script itself manually to add a user.

Getting ready

You must be a global administrator to complete the steps in this recipe.

How to do it…

  1. Open Windows PowerShell (or your PowerShell client of choice) as an administrator.
  2. Connect to Azure AD using Connect-AzureAD.
  3. Use a script such as the following, replacing the user's specific info where appropriate.
    $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
    $PasswordProfile.Password = "aBc123!ndc"
    New-AzureADUser...
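
The recipe's script sets a literal password in the script body, so anyone who can read the script or its source history learns the initial credential. The following added example (not the book's code) generates a random temporary password per user and forces a change at first sign-in; the helper functions `Get-SecureIndex` and `New-InitialPassword` and the `contoso.example` user values are hypothetical placeholders.

```powershell
# Added example, not the book's script. Assumes Connect-AzureAD has already succeeded.
# Get-SecureIndex, New-InitialPassword and the contoso.example user are hypothetical.
function Get-SecureIndex {
    param($Rng, [int]$Max)            # uniform integer in [0, Max), Max <= 256
    $b = New-Object byte[] 1
    $limit = 256 - (256 % $Max)       # reject values that would cause modulo bias
    do { $Rng.GetBytes($b) } while ($b[0] -ge $limit)
    return $b[0] % $Max
}

function New-InitialPassword {
    param([ValidateRange(12, 64)][int]$Length = 20)
    # Upper, lower, digit, symbol; look-alike glyphs (0/O, 1/l/I) are left out
    $classes = 'ABCDEFGHJKLMNPQRSTUVWXYZ', 'abcdefghijkmnopqrstuvwxyz', '23456789', '!#%*+-=?@_'
    $all = -join $classes
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        # One character from every class, the rest from the full alphabet
        $chars = @(foreach ($c in $classes) { $c[(Get-SecureIndex $rng $c.Length)] })
        while ($chars.Count -lt $Length) {
            $chars += $all[(Get-SecureIndex $rng $all.Length)]
        }
        # Fisher-Yates shuffle so the class-guaranteed characters are not always first
        for ($i = $chars.Count - 1; $i -gt 0; $i--) {
            $j = Get-SecureIndex $rng ($i + 1)
            $chars[$i], $chars[$j] = $chars[$j], $chars[$i]
        }
        return -join $chars
    }
    finally { $rng.Dispose() }
}

$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
$PasswordProfile.Password = New-InitialPassword
$PasswordProfile.ForceChangePasswordNextLogin = $true   # temporary credential only

$newUser = @{
    DisplayName       = 'Example User'                   # placeholder values
    UserPrincipalName = 'example.user@contoso.example'
    MailNickName      = 'example.user'
    AccountEnabled    = $true
    PasswordProfile   = $PasswordProfile
}
$user = New-AzureADUser @newUser

# Hand $PasswordProfile.Password to the user out of band; keep it out of logs and transcripts.
$user.ObjectId
```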

Creating an access review report in Azure AD

Access reviews allow you to easily review who has access to which apps and groups on a regular basis. You could recertify memberships routinely, manage guests, and increase governance efficiency by making access privileges more visible to those needing that information. In this recipe, we'll onboard to begin using access reviews and then create a report.

Getting ready

You must be a global or user administrator to complete the steps in this recipe, and need either an Azure AD Premium P2 subscription or an Enterprise Mobility + Security E5 subscription to use this feature.

How to do it…

  1. Go to the Azure Active Directory Admin Center at https://aad.portal.azure.com.
  2. Click on Azure Active Directory from the left navigation menu and then choose Identity Governance.
  3. If this is your first time creating an access review, click Onboard on the left-hand navigation pane. Otherwise, skip to step 7:

    Figure...

Allowing/disallowing users from connecting LinkedIn to their account

By default, users may be able to connect their LinkedIn accounts to their work or school account in your organization. This allows ease of access to LinkedIn data for their colleagues and provides a pre-built social network for your organization to utilize. You can manage whether this is a possibility via Azure AD. In this recipe, we'll disable the ability to connect to LinkedIn.

Getting ready

You must be a global administrator to complete the steps in this recipe.

How to do it…

  1. Go to the Azure Active Directory Admin Center at https://aad.portal.azure.com.
  2. Click on Azure Active Directory from the left navigation menu and then choose User settings:

    Figure 10.26 – User settings link in the left-hand navigation menu of AAD

  3. Change LinkedIn account connections to No:

    Figure 10.27 – Example showing LinkedIn account connections disabled

  4. Click Save.

How it works...

Enabling a self-service password reset

Allowing your users to handle their own password resets saves administrative time for IT staff and empowers your users to make better decisions when it comes to their digital identities and security. If it's easier for users to reset their own password, chances are they're more likely to when they suspect potential credential leakage or exposure. It also means that when users are working late, they can reset their own forgotten password at any time instead of waiting for the resolution of a support ticket that might be hours away.

In this recipe, we'll enable self-service password reset via Azure Active Directory.

Getting ready

You must be a global administrator to complete the steps in this recipe.

How to do it…

  1. Go to the Azure Active Directory Admin Center at https://aad.portal.azure.com.
  2. Click on Azure Active Directory from the left navigation menu and then choose Password reset.
  3. Click either...

Using SSO to simplify organization-wide sign-in processes

If your organization uses applications and services beyond Microsoft 365, chances are you have multiple sign-in processes. However, you can utilize single sign-on (SSO) to simplify these multiple sign-in processes by using your O365 credentials to authenticate to third-party applications.

SSO is a massive topic. In this recipe, we'll share the steps necessary to review the available options and ideas to help you choose the best method to suit your needs.

Getting ready

You must be a global administrator to implement an SSO method, and will need to be an administrator of any third-party apps to which you'll be configuring a connection.

How to do it…

  1. Use the flowchart at https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/what-is-single-sign-on#choosing-a-single-sign-on-method to help you choose an appropriate single sign-on method.
  2. Review integration...